CN110276178A - A kind of risk control method, device and the equipment of identity-based verifying - Google Patents

A kind of risk control method, device and the equipment of identity-based verifying Download PDF

Info

Publication number
CN110276178A
CN110276178A CN201910448996.5A CN201910448996A CN110276178A CN 110276178 A CN110276178 A CN 110276178A CN 201910448996 A CN201910448996 A CN 201910448996A CN 110276178 A CN110276178 A CN 110276178A
Authority
CN
China
Prior art keywords
information
risk
user
feature
historical data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910448996.5A
Other languages
Chinese (zh)
Other versions
CN110276178B (en
Inventor
万莹莹
赵华
朱通
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Advanced New Technologies Co Ltd
Advantageous New Technologies Co Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd filed Critical Alibaba Group Holding Ltd
Priority to CN201910448996.5A priority Critical patent/CN110276178B/en
Priority to CN202310524140.8A priority patent/CN116578955A/en
Publication of CN110276178A publication Critical patent/CN110276178A/en
Application granted granted Critical
Publication of CN110276178B publication Critical patent/CN110276178B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

This specification embodiment discloses risk control method, device and the equipment of identity-based verifying.Scheme includes: the authentication information for obtaining the first user and submitting;The first feature of risk information of first user is determined according to the authentication information;The information leakage grade of first user is determined according to the first feature of risk information;Risk control is carried out to the operation of first user according to the information leakage grade.

Description

A kind of risk control method, device and the equipment of identity-based verifying
Technical field
This application involves risk control method, devices that field of computer technology more particularly to a kind of identity-based are verified And equipment.
Background technique
In the prior art, in the risk prevention system for usurping identity, air control system is for identifying that there are non-operations in person Transaction carries out risk prevention system by output subscriber authentication, and the user of easily active information leakage is due to cheated etc. various Reason often provides authentication information to other people, and in this case, existing air control system can not often carry out Prevention and control.
Summary of the invention
In view of this, the embodiment of the present application provides risk control method, device and the equipment of a kind of identity-based verifying, For improving the safety of user account and fund.
In order to solve the above technical problems, this specification embodiment is achieved in that
A kind of risk control method for identity-based verifying that this specification embodiment provides, comprising:
Obtain the authentication information of the first user submission;
The first feature of risk information of first user is determined according to the authentication information;
The information leakage grade of first user is determined according to the first feature of risk information;
Risk control is carried out to the operation of first user according to the information leakage grade.
A kind of risk control device for identity-based verifying that this specification embodiment provides, comprising:
Authentication information obtains module, for obtaining the authentication information of the first user submission;
First feature of risk information determination module, for determining the of first user according to the authentication information One feature of risk information;
Information leakage level determination module, for determining the letter of first user according to the first feature of risk information Breath leakage grade;
Risk control module, for carrying out risk control to the operation of first user according to the information leakage grade System.
A kind of risk control equipment for identity-based verifying that this specification embodiment provides, comprising:
At least one processor;And
The memory being connect at least one described processor communication;Wherein,
The memory is stored with the instruction that can be executed by least one described processor, and described instruction is by described at least one A processor executes so that at least one described processor can:
Obtain the authentication information of the first user submission;
The first feature of risk information of first user is determined according to the authentication information;
The information leakage grade of first user is determined according to the first feature of risk information;
Risk control is carried out to the operation of first user according to the information leakage grade.
This specification embodiment use at least one above-mentioned technical solution can reach it is following the utility model has the advantages that
The authentication information that this specification embodiment is submitted by obtaining user determines the first feature of risk letter of user Breath;Then the information leakage grade that user is determined according to the first feature of risk information judges whether user is that easy initiative information is let out Then the user of dew carries out risk control to the operation of the user according to the information leakage grade.The present invention passes through identification It is easy the user of initiative information leakage out, risk control then is carried out to it, improves the safety of user account and fund.
Detailed description of the invention
The drawings described herein are used to provide a further understanding of the present application, constitutes part of this application, this Shen Illustrative embodiments and their description please are not constituted an undue limitation on the present application for explaining the application.In the accompanying drawings:
Fig. 1 is a kind of flow diagram of the risk control method for identity-based verifying that this specification embodiment provides;
Fig. 2 is the risk control device that a kind of identity-based corresponding to Fig. 1 that this specification embodiment provides is verified Structural schematic diagram;
Fig. 3 is the risk control equipment that a kind of identity-based corresponding to Fig. 1 that this specification embodiment provides is verified Structural schematic diagram.
Specific embodiment
To keep the purposes, technical schemes and advantages of the application clearer, below in conjunction with the application specific embodiment and Technical scheme is clearly and completely described in corresponding attached drawing.Obviously, described embodiment is only the application one Section Example, instead of all the embodiments.Based on the embodiment in the application, those of ordinary skill in the art are not doing Every other embodiment obtained under the premise of creative work out, shall fall in the protection scope of this application.
Authentication: also known as " verifying ", " authentication " refer to through certain means, complete the confirmation to user identity.
Public password: the relatively simple password used by a large amount of crowds, such as password, 123456,111222.
Easily leakage verification: refer to that user is easy the verification of actively leakage, such as short message check code, ID card No., security problem Answer etc..
The black production of network refers to using internet as medium, using network technology as main means, be computer information system safety and Cyberspace management order or even national security, social and political stability bring the illegal row of potential threat (major safety risks) For.
Risk control refers to that risk managers adopt various measures and method, eliminates or the various of event generation of reducing risks Possibility, or reduce risks event occur when caused by loss.
In usurping risk prevention system, air control system is for identifying that there are the transaction of my non-operation, by exporting user Authentication carries out risk prevention system, and the user of easily active information leakage often cooperated black due to the various reasons such as cheated It produces, provides authentication information, be the difficult point of air control.The user that the present invention is revealed by identifying easy initiative information is right It exports the proof of identity for being not easy to reveal, and protects the safety of user account and fund.
Below in conjunction with attached drawing, the technical scheme provided by various embodiments of the present application will be described in detail.
Fig. 1 is a kind of flow diagram of the risk control method for identity-based verifying that this specification embodiment provides. For program angle, the executing subject of process can be to be equipped on the program or application client of application server.
As shown in Figure 1, the process may comprise steps of:
Step 101: obtaining the authentication information that the first user submits.
In this specification embodiment, authentication information can be verification information of the user when carrying out Account Logon, It is also possible to verification information of the user when paying.These information can be encrypted message, be also possible to ID card No., It can also be security information.In addition, authentication information including user in addition to including that can also be used for after above-mentioned verification information Submit the device end information of verification information.
In this specification embodiment, the first user submits authentication information using device end, and terminal can be hand Machine, tablet computer, smartwatch etc..The terminal can be the equipment that user is commonly used, and be also possible to temporary login Equipment, the mobile phone for such as borrowing relatives and friends carry out emergency operation.
Step 102: the first feature of risk information of first user is determined according to the authentication information.
In this specification embodiment, the authentication information that user submits is obtained, can be obtained according to authentication information Some other information at family are taken, e.g., account password is public password, and account password is the passport NO. with itself It is related.The account information of user, such as some operating habits can also be obtained according to authentication information, is liked, and often logged in Equipment and user be added population profile.It can also be according to some other information of Account Registration acquisition of information of user, such as Education level etc..
In this specification embodiment, the first feature of risk information can be screened according to some preset rules with The relevant information of the easy active information leakage of user.Such as, it is public password that user, which uses no, and whether logging device is insincere Equipment or high-risk equipment, if high-risk tissue is added, whether account has strange land untrusted environmentally to pass through easily leakage verification, account Family is with the presence or absence of credible equipment and untrusted devices blocked operation etc. in the short time.If the logging device of user is insincere Equipment, then the account of user is likely to be stolen.Wherein, high-risk equipment can be understood as once having criminal's use This equipment usurps other people accounts.High-risk tissue can be understood as and the related groups such as brush is single, credit card is handled.
Step 103: the information leakage grade of first user is determined according to the first feature of risk information.
In this specification embodiment, information leakage grade represents the first user as the rank of easy active information leakage.Letter Breath leakage grade can be divided into easy active information leakage grade and be not easy initiative information leakage grade, can also have one to be in easy Initiative information leakage grade and the rank being not easy among initiative information leakage grade.It can be obtained based on the first feature of risk information Then one information leakage score judges which information leakage grade the first user belongs to according to preset score value.
In this specification embodiment, the information leakage of first user is determined according to the first feature of risk information Grade can use a variety of methods, such as can be by the characteristic information of the first feature of risk information and the user of easy active information leakage It compares, the first feature of risk information is then assessed according to comparing result, judge the information leakage grade of the first user.Easily The characteristic information of the user of initiative information leakage can be extracted from data of reporting a case to the security authorities.Wherein, the account that data of reporting a case to the security authorities are directed to is It is stolen through being implemented by relevant department.
In this specification embodiment, the information leakage of first user is determined according to the first feature of risk information Grade can also obtain information leakage risk class model using the method for carrying out big data training based on historical data, then base The information leakage grade of user is obtained in this model and the first feature of risk information.
Step 104: risk control is carried out to the operation of first user according to the information leakage grade.
In this specification embodiment, server is after obtaining the information leakage grade of the first user, so that it may be directed to Different information leakage grades formulates different risk control strategies.Risk control refer to risk managers adopt various measures and Method, eliminate or reduce risks event generation various possibilities, or reduce risks event occur when caused by loss.If The information leakage grade of first user indicates the first user there are the dangerous smaller of easy active information leakage, i.e., the first user is each Kind operates all under normal circumstances, the situation that historical data is not also stolen by account, then can be without risk control System.If the information leakage grade of the first user indicates that the first user there are the dangerous bigger of easy active information leakage, such as may be used It can not be logged on credible equipment, and using public password etc., just need to carry out user in this case secondary The safety of account and property is protected in authentication.Secondary identity authentication can also use different verifyings according to different situations Mode, if logging device is not credible equipment, then general verification method can be replaced using the method for biometric authentication, Such as replace sending identifying code to phone number using brush face or fingerprint collecting.The present embodiment is by using the body that should not be transmitted Part verification method, avoids the actual use person of user from sending identifying code to criminal to implement illegal activities.
Method in Fig. 1, the authentication information submitted by obtaining user determine the first feature of risk letter of user Breath;Then the information leakage grade that user is determined according to the first feature of risk information judges whether user is that easy initiative information is let out Then the user of dew carries out risk control to the operation of the user according to the information leakage grade.The present invention passes through identification It is easy the user of initiative information leakage out, risk control then is carried out to it, improves the safety of user account and fund.
Method based on Fig. 1, this specification embodiment additionally provide some specific embodiments of this method, carry out below Explanation.
Optionally, described that risk control is carried out to the operation of first user according to the information leakage grade, specifically May include:
Judge whether the information leakage grade is lower than the first risk class, obtains the first judging result;
When first judging result indicates that the information leakage grade is greater than or equal to first risk class, adopt The biological information for collecting first user carries out secondary identity authentication.
In this specification embodiment, the first risk class is set up, if information leakage grade is greater than or equal to the first wind Dangerous grade then indicates whether user is easy leakage user.If information leakage grade is more than the first risk class, user is deposited In the very risky of initiative information leakage, the authentication information that may have previously obtained is not the operation of user.This In the case of, it needs to carry out user secondary identity authentication, and the method that secondary identity authentication uses also is needed to reach and should not be passed The effect passed.This operation is in order to avoid occurring, and the verification information received is sent to net by user without knowing it Network swindles personnel, to break through secondary identity authentication.And biologic verification method is used in this specification embodiment, it avoids above-mentioned The appearance of situation.
Optionally, when first judging result indicates that the information leakage grade is lower than first risk class, Judge whether the information leakage grade is lower than the second risk class, obtain the second judging result, second risk class is low In first risk class;
When second judging result indicates that the information leakage grade is greater than or equal to second risk class, obtain Take the operation facility information of first user;
Judge the corresponding operation equipment of the operation facility information whether be first user credible equipment, obtain the Three judging results;
When the third judging result indicates that the operation equipment is not the credible equipment of first user, to described First user carries out secondary identity authentication.
In this specification embodiment, if the information leakage grade of user is relatively low, illustrate that user is to be not easy actively The user of information leakage.But information leakage grade is higher than the second risk class, although illustrating that user is not belonging to easy initiative information Leakage crowd, but information leakage is still had, for example with payment cipher is other websites as, then when stage verification payment The behavior of password occurs when in untrusted devices, and Hazard ratio ordinary user is higher, therefore is also required to correspondingly increase risk management and control Dynamics.Therefore, in this case, it is also necessary to the terminal device information that user uses is obtained, then according to terminal device information Determine that the terminal device that user uses is commonly used equipment, i.e. available devices.It can if the terminal device that user uses is not Equipment is believed, then can also there is a situation where that this account is stolen under to a certain degree, therefore, there is still a need for carrying out to user Secondary identity authentication.
In this specification embodiment, secondary identity authentication can be number verification, ID card No. verifying or The verifying of security problem, is also possible to biometric information verification, does not do the restriction having here.
In this specification embodiment, in order to improve the validity of secondary identity authentication, user's input can also be shortened and tested The time for demonstrate,proving information, user is prevented by verification information and is transmitted to other people, to lose the meaning of secondary identity authentication.Example Such as, the time of normal condition even input authentication information is 2 minutes, and 1 point can be shortened in this specification embodiment Clock.
Optionally, the information leakage grade that first user is determined according to the feature of risk information is specific to wrap It includes:
Construct information leakage risk class model;
By the first feature of risk information input to the information leakage risk class model, first user is exported Information leakage grade.
In this specification embodiment, information leakage risk class model is constructed, can be according to a large amount of historical data After being analyzed, setting preset rules give a mark to the behavior of user, and different feature of risk information can assign difference Score value, then obtain a calculation formula, the information leakage grade of the first user then determined according to calculation formula.It is different Information leakage grade correspond to different score sections, corresponding information leakage grade can be obtained by according to corresponding score.
In this specification embodiment, information leakage risk class model is constructed, can also be using unsupervised segmentation mould Type or Supervised classification model are trained a large amount of historical datas, ultimately generate information leakage risk class model.
In this specification embodiment, information leakage risk class model is constructed, can also be using Supervised classification mould Type or Supervised classification model are trained a large amount of historical datas, ultimately generate information leakage risk class model.Using There is monitor model just to need to set label to historical data, has carried out monitor model according to the different labels of historical data.It is this Mode needs the data for largely having label to cooperate, to improve the accuracy rate of identification.
Optionally, the building information leakage risk class model, specifically includes:
Obtain multiple historical datas;
Screen the black sample in the multiple historical data;
Extract the second feature of risk information of each historical data;
Supervised learning is carried out to the multiple historical data according to the black sample and the second feature of risk information, Generate information leakage risk class model.
In this specification embodiment, a kind of learning model for having supervision is provided, by being divided to historical data, It determines black sample and white sample, then carries out the study for having supervision, ultimately generate information leakage risk class model.Black sample indicates Historical data is the operation data of the user for the easy active information leakage having determined, and white sample indicates that historical data is not change hands The operation data of the user of dynamic information leakage.
In this specification embodiment, determine whether historical data is that black sample can obtained using a variety of methods The other information of the historical data is obtained while taking historical data, such as whether for data of reporting a case to the security authorities, it can also be according to some business Rule judges whether historical data is black sample.
In this specification embodiment, having the learning model of supervision that GBDT generation can be used has monitor model, can also be with Use other supervised learning methods, such as DNN.
This specification embodiment classifies historical data, determines that historical data is black sample or white sample, then In the study for carrying out having supervision, information leakage risk class model is generated.Using have monitor model ratio using unsupervised model into The training of row historical data improves the accuracy of model prediction.
Optionally, the black sample in the multiple historical data of screening, can specifically include:
Judge whether the historical data is data of reporting a case to the security authorities, and obtains the 4th judging result;
When the 4th judging result indicates that the historical data is to report a case to the security authorities data, determine that the historical data is black sample This.
In this specification embodiment, provide a kind of determining historical data whether be black sample method.In practical behaviour Some data of reporting a case to the security authorities often are had in work, in historical data, and data of reporting a case to the security authorities can illustrate that the corresponding user of the historical data belongs to In the crowd of easy active information leakage.Therefore, as long as confirmation historical data is data of reporting a case to the security authorities, so that it may judge that the historical data is Black sample.This specification embodiment improves the accuracy rate of model, decreases black sample using data are reported a case to the security authorities as black sample Really it fixes time.
Optionally, when the 4th judging result indicates that the historical data is not to report a case to the security authorities data, judge the history Whether data meet preset rules, obtain the 5th judging result;
When the 5th judging result indicates that the historical data meets the preset rules, the historical data is determined For black sample.
In this specification embodiment, because data of reporting a case to the security authorities are limited, and only with data of reporting a case to the security authorities as black sample It is inadequate.In order to increase the quantity of black sample, this specification embodiment provides another method for screening black sample.Consider It arrives, although the user of not all easy active information leakage can successfully be stolen property in account, all easy active letters The user of breath leakage can have certain general character, and e.g., password setting is simple, education level is low, often in unsafe ring Therefore logon account information etc. in border can formulate some rules according to these general character, go to screen by these rules some high Historical data of the danger without label, then filters out black sample further according to expert analysis mode.Expert analysis mode can be used as preset rules Supplement measure improves screening precision.Expert analysis mode can be realized using preset program, can also be carried out using artificial.The reality It applies example and high-risk unlabeled exemplars is gone out based on the high-risk Rules Filtering of business experience for the historical data of no label, then pass through expert Scoring filters out black sample, solves the problems, such as that black sample size is very few, improves the precision of prediction of model.
Optionally, the second feature of risk information for extracting each historical data, can specifically include:
For each historical data, the second user information of the historical data is determined;
Determine that user's portrait feature of risk of the second user, account behaviorist risk are special according to the second user information Sign and/or Social behaviors feature of risk.
In this specification embodiment, feature of risk is generated from three dimensions:
A) user's portrait feature of risk, i.e., the feature of risk generated based on user's portrait, such as: whether user uses public close Whether code, user install high-risk software etc., and high-risk software can be the softwares such as P2P, petty load.
In this specification embodiment, if as soon as the password of user setting is too simple, then being easy to be decrypted. To remember for convenience there are also a kind of situation, user can all passwords, as bank card password, social activity APP password, the APP that manages money matters are close Code is set as same password, will also result in information leakage in this way, if being realised that one of password unintentionally, will unlock it His several passwords.Therefore, the same behavior for also belonging to easy active information leakage is set by all passwords.Some users can also Set password to the birthday of oneself or relatives, and there is great correlation in the birthday with ID card No., ID card No. is The relatively not high information of one degree of privacy, criminal tend to obtain easily.Therefore, the birthday is set by password, Belong to the behavior of easy active information leakage.
B) account behaviorist risk feature, i.e., the risk indicator generated based on account behavior, such as: whether account has strange land is non-can Letter environmentally whether there is high-risk equipment operation, account with the presence or absence of credible equipment in the short time by easily leakage verification, account With untrusted devices blocked operation etc..
In this specification embodiment, untrusted environment can be understood as public place, non-personal environment or user The place that I seldom goes, departing from the scope of activities of user.Belong to one if the Wifi using public place is surfed the Internet The behavior of easy active information leakage.Public place can be Internet bar, hotel and parking lot etc..High-risk equipment can be understood to The relevant terminal device of data of reporting a case to the security authorities, or logged in the terminal of multiple accounts.Because if in such equipment, there are phases It should operate, then the risk that there is easy active information leakage is bigger.And account in a short time hand over by credible equipment and untrusted devices For operation, also illustrate that there may be the situations that account is stolen.
C) Social behaviors feature of risk, i.e., the risk indicator generated based on social information, such as: it is high-risk whether user issued Whether information, user are added high-risk circle/group, whether user by high-risk user is added to good friend, whether user actively adds High-risk/onrelevant user is good friend etc..
It is high-risk to can be understood as and ask the relevant behaviors such as loan, brush are single, credit card is handled in this specification embodiment Or operation.There is also the behaviors of some easy active information leakages in Social behaviors.If user issued consulting loan, brush Single, credit card such as handles at the high-risk information, then will be utilized by some criminals.If same, user be added similar loan, , similarly there is above-mentioned risk in the circle or group that brush is single, credit card is handled.In addition, if user actively add it is some high Endanger user, then there is also above-mentioned risks.
The embodiment introduces account behavior and social data as mode input simultaneously, improves predictablity rate and reality Shi Xing.
Optionally, it is described according to the black sample and the second feature of risk information to the multiple historical data into Row supervised learning, generate information leakage risk class model after, can also include:
Judge whether the information leakage risk class model meets preset standard, obtains the 6th judging result;
When the 6th judging result indicates that the information leakage risk class model does not meet the preset standard, repair The just described information leakage risk class model, until the information leakage risk class model meets the preset standard.
In this specification embodiment, the precision of prediction of the information leakage risk class model generated for the first time may be not achieved Standard, then just needing to be modified information leakage risk class model.This might have many reasons, it may be possible to black sample Quantity it is inadequate, it is also possible to it is unreasonable to the selection of feature of risk, it is possible to which supplement is more black on the basis of the original Sample can also be adjusted feature of risk information, until information leakage risk class model meets expection.
In this specification embodiment, it can also will pass through the operation data that information leakage risk class model be predicted Historical data is can also be added in, the quantity of black sample and white sample in historical data is continuously replenished.To correct the information Disclosure risk Grade Model, to improve the precision of prediction of model.
The optional first feature of risk information that first user is determined according to the authentication information, specifically May include:
The account information of first user is determined according to the authentication information;
Transfer the corresponding historical operation information of the account information;
The first feature of risk information of first user is determined according to the historical operation information.
In this specification embodiment, the authentication information of user may include the verifying letter of account information and account Breath, the account information of the first user can be determined according to authentication information.It may include account name, account inside account information It is secret;It can also include the registration information of user, such as name, ID card No., phone number, educational background, occupational information, permanent residence Location.Furthermore it is also possible to call some other information according to the name of user.Can also be transferred according to account information it is some with it is current Platform is relevant or the information of other platforms of binding relationship.
In this specification embodiment, transferring the corresponding historical operation information of the account information may include stepping on for user The some comments issued in recording apparatus information, payment information, social information and social circle or status information.Then this is integrated A little historical operation informations determine the first feature of risk information of user.
This specification embodiment, using the first feature of risk information of much information characterization user, assessment is more comprehensive, right Whether easy the judgement of the personnel of user's active information leakage be more accurate.
Optionally, the first feature of risk information that first user is determined according to the historical operation information, tool Body includes:
Determine that user's portrait feature of risk of first user, account behaviorist risk are special according to the historical operation information Sign and/or Social behaviors feature of risk.
In this specification embodiment, the first feature of risk information may include a variety of various forms of information, Yong Huhua As feature of risk, account behaviorist risk feature and/or Social behaviors feature of risk.
User's portrait feature of risk is the feature of risk generated of being drawn a portrait based on user.User's portrait is also known as user role, is A kind of effective tool delineated target user, contact user's demand and design direction.User draws a portrait during practical operation The attribute of user, behavior and expectation are tied with the most plain and closeness to life language.As the virtual of actual user Represent, user's portrait be formed by user role be not be detached from it is constructed except product and market come out, the user of formation Role needs the main audient and target group of representative energy representative products.User's portrait is answered in electric business field , under big data era background, user information is full of in a network, each specifying information of user is abstracted into label, User image is embodied using these labels, to provide targeted service for user.
In this specification embodiment, user draw a portrait feature of risk, may include: user whether use public password, with Whether whether consistent, user installs high-risk software etc. to password on other platforms, such as P2P, petty load.
In this specification embodiment, account behaviorist risk feature can be the information based on account behavior, as account is It is no to there is strange land untrusted environmentally to pass through easily leakage verification, account with the presence or absence of high-risk equipment operation, account with the presence or absence of in short-term Interior credible equipment and untrusted devices blocked operation etc..
In this specification embodiment, Social behaviors feature of risk can be the information based on user social contact, as user is It is no issued high-risk information, whether user is added high-risk circle/group, whether user by high-risk user is added to good friend, user Whether actively adding high-risk/onrelevant user is good friend etc..
Based on same thinking, this specification embodiment additionally provides the corresponding device of the above method.Fig. 2 is this specification The structural schematic diagram for the risk control device that a kind of identity-based corresponding to Fig. 1 that embodiment provides is verified.As shown in Fig. 2, The apparatus may include:
Authentication information obtains module 201, for obtaining the authentication information of the first user submission;
First feature of risk information determination module 202, for determining first user according to the authentication information The first feature of risk information;
Information leakage level determination module 203, for determining first user according to the first feature of risk information Information leakage grade;
Risk control module 204, for carrying out risk to the operation of first user according to the information leakage grade Control.
The device that this specification embodiment provides obtains module 201 by authentication information and obtains the body that user submits Part verification information, the first feature of risk information determination module 202 determine the first feature of risk information of user;Then information leakage Level determination module 203 determines the information leakage grade of user according to the first feature of risk information, judges whether user is to change hands The user of dynamic information leakage, then risk control module 204 carries out the operation of the user according to the information leakage grade Risk control.The user that this specification embodiment is revealed by identifying easy initiative information, then carries out risk control to it, Improve the safety of user account and fund.
Optionally, the risk control module 204, can specifically include:
First result judging submodule is obtained for judging whether the information leakage grade is lower than the first risk class First judging result;
First authentication submodule, for when first judging result expression information leakage grade is higher than or waits When first risk class, the biological information for acquiring first user carries out secondary identity authentication.
Optionally, the risk control module 204 can also include:
Second result judging submodule, for indicating the information leakage grade lower than described when first judging result When the first risk class, judge whether the information leakage grade is lower than the second risk class, obtains the second judging result, it is described Second risk class is lower than first risk class;
Apparatus information acquiring submodule is operated, for indicating that the information leakage grade is higher than when second judging result Or when being equal to second risk class, the operation facility information of first user is obtained;
Third result judging submodule, for judging whether the corresponding operation equipment of the operation facility information is described The credible equipment of one user obtains third judging result;
Second authentication submodule, when the third judging result indicates that the operation equipment is not first user Credible equipment when, to first user carry out secondary identity authentication.
Optionally, the first feature of risk information determination module 202, can specifically include:
Account information determines submodule, for determining that the account of first user is believed according to the authentication information Breath;
Historical operation information transfers submodule, for transferring the corresponding historical operation information of the account information;
First feature of risk information determines submodule, for determining first user's according to the historical operation information First feature of risk information.
Optionally, the first feature of risk information determines submodule, is specifically used for true according to the historical operation information User's portrait feature of risk, account behaviorist risk feature and/or the Social behaviors feature of risk of fixed first user.
Optionally, the information leakage level determination module 203, can specifically include:
Information leakage risk class model construction submodule, for constructing information leakage risk class model;
Information leakage grade output sub-module is used for the first feature of risk information input to the information leakage wind Dangerous Grade Model exports the information leakage grade of first user.
Optionally, the information leakage risk class model construction submodule, can specifically include:
Multiple historical data acquiring units, for obtaining multiple historical datas;
Black screening sample unit, for screening the black sample in the multiple historical data;
Second feature of risk information extraction unit, for extracting the second feature of risk information of each historical data;
Information leakage risk class model generation unit, for according to the black sample and the second feature of risk information Supervised learning is carried out to the multiple historical data, generates information leakage risk class model.
Optionally, the black screening sample unit, can specifically include:
4th result judgment sub-unit obtains the 4th judgement knot for judging whether the historical data is data of reporting a case to the security authorities Fruit;
First black sample determines subelement, for indicating that the historical data is data of reporting a case to the security authorities when the 4th judging result When, determine that the historical data is black sample.
Optionally, the black screening sample unit can also include:
5th result judgment sub-unit, for indicating that the historical data is not data of reporting a case to the security authorities when the 4th judging result When, judge whether the historical data meets preset rules, obtains the 5th judging result;
Second black sample determines subelement, for when the 5th judging result, to indicate that the historical data meets described pre- If when rule, determining that the historical data is black sample.
Optionally, the second feature of risk information extraction unit, can specifically include:
Second user information determines subelement, for being directed to each historical data, determines that the second of the historical data is used Family information;
Second feature of risk information determines subelement, for determining the second user according to the second user information User's portrait feature of risk, account behaviorist risk feature and/or Social behaviors feature of risk.
Optionally, the information leakage risk class model construction submodule can also include:
6th result judging unit is obtained for judging whether the information leakage risk class model meets preset standard To the 6th judging result;
Amending unit, described in not met when the 6th judging result expression information leakage risk class model When preset standard, correct the information leakage risk class model, until the information leakage risk class model meet it is described Preset standard.
Based on same thinking, this specification embodiment additionally provides the corresponding equipment of the above method.
Fig. 3 is the risk control equipment that a kind of identity-based corresponding to Fig. 1 that this specification embodiment provides is verified Structural schematic diagram.As shown in figure 3, equipment 300 may include:
At least one processor 310;And
The memory 330 being connect at least one described processor communication;Wherein,
The memory 330 is stored with the instruction 320 that can be executed by least one described processor 310, described instruction quilt Described at least one processor 310 executes so that at least one described processor 310 can:
Obtain the authentication information of the first user submission;
The first feature of risk information of first user is determined according to the authentication information;
The information leakage grade of first user is determined according to the first feature of risk information;
Risk control is carried out to the operation of first user according to the information leakage grade.
The equipment that this specification embodiment provides, the authentication information submitted by obtaining user, determines the of user One feature of risk information;Then the information leakage grade that user is determined according to the first feature of risk information, judge user whether be Then the user of easy active information leakage carries out risk control to the operation of the user according to the information leakage grade.This The user that invention is revealed by identifying easy initiative information, then carries out risk control to it, improves user account and money The safety of gold.
In the 1990s, the improvement of a technology can be distinguished clearly be on hardware improvement (for example, Improvement to circuit structures such as diode, transistor, switches) or software on improvement (improvement for method flow).So And with the development of technology, the improvement of current many method flows can be considered as directly improving for hardware circuit. Designer nearly all obtains corresponding hardware circuit by the way that improved method flow to be programmed into hardware circuit.Cause This, it cannot be said that the improvement of a method flow cannot be realized with hardware entities module.For example, programmable logic device (Programmable Logic Device, PLD) (such as field programmable gate array (FieldProgrammable GateArray, FPGA)) it is exactly such a integrated circuit, logic function determines device programming by user.By designing Personnel, which voluntarily program, to come a digital display circuit " integrated " on a piece of PLD, designed without asking chip maker and Make dedicated IC chip.Moreover, nowadays, substitution manually makes IC chip, and this programming also changes mostly It is realized with " logic compiler (logic compiler) " software, software compiler phase used when it writes with program development It is similar, and the source code before compiling also write by handy specific programming language, this is referred to as hardware description language (Hardware Description Language, HDL), and HDL is also not only a kind of, but there are many kind, such as ABEL (Advanced BooleanExpression Language)、AHDL(Altera Hardware Description Language)、Confluence、CUPL(Cornell UniversityProgramming Language)、HDCal、JHDL (Java Hardware Description Language)、Lava、Lola、MyHDL、PALASM、RHDL(Ruby Hardware DescriptionLanguage) etc., VHDL (Very-High-Speed is most generally used at present Integrated Circuit Hardware Description Language) and Verilog.Those skilled in the art also answer This understands, it is only necessary to method flow slightly programming in logic and is programmed into integrated circuit with above-mentioned several hardware description languages, The hardware circuit for realizing the logical method process can be readily available.
Controller can be implemented in any suitable manner, for example, controller can take such as microprocessor or processing The computer for the computer readable program code (such as software or firmware) that device and storage can be executed by (micro-) processor can Read medium, logic gate, switch, specific integrated circuit (Application Specific Integrated Circuit, ASIC), the form of programmable logic controller (PLC) and insertion microcontroller, the example of controller includes but is not limited to following microcontroller Device: ARC 625D, AtmelAT91SAM, Microchip PIC18F26K20 and Silicone Labs C8051F320 are deposited Memory controller is also implemented as a part of the control logic of memory.It is also known in the art that in addition to Pure computer readable program code mode is realized other than controller, can be made completely by the way that method and step is carried out programming in logic Controller is obtained to come in fact in the form of logic gate, switch, specific integrated circuit, programmable logic controller (PLC) and insertion microcontroller etc. Existing identical function.Therefore this controller is considered a kind of hardware component, and to including for realizing various in it The device of function can also be considered as the structure in hardware component.Or even, it can will be regarded for realizing the device of various functions For either the software module of implementation method can be the structure in hardware component again.
System, device, module or the unit that above-described embodiment illustrates can specifically realize by computer chip or entity, Or it is realized by the product with certain function.It is a kind of typically to realize that equipment is computer.Specifically, computer for example may be used Think personal computer, laptop computer, cellular phone, camera phone, smart phone, personal digital assistant, media play It is any in device, navigation equipment, electronic mail equipment, game console, tablet computer, wearable device or these equipment The combination of equipment.
For convenience of description, it is divided into various units when description apparatus above with function to describe respectively.Certainly, implementing this The function of each unit can be realized in the same or multiple software and or hardware when application.
It should be understood by those skilled in the art that, the embodiment of the present invention can provide as method, system or computer program Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the present invention Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the present invention, which can be used in one or more, The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) produces The form of product.
The present invention be referring to according to the method for the embodiment of the present invention, the process of equipment (system) and computer program product Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates, Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one The step of function of being specified in a box or multiple boxes.
In a typical configuration, calculating equipment includes one or more processors (CPU), input/output interface, net Network interface and memory.
Memory may include the non-volatile memory in computer-readable medium, random access memory (RAM) and/or The forms such as Nonvolatile memory, such as read-only memory (ROM) or flash memory (flash RAM).Memory is computer-readable medium Example.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any method Or technology come realize information store.Information can be computer readable instructions, data structure, the module of program or other data. The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), moves State random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasable Programmable read only memory (EEPROM), flash memory or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM), Digital versatile disc (DVD) or other optical storage, magnetic cassettes, tape magnetic disk storage or other magnetic storage devices Or any other non-transmission medium, can be used for storage can be accessed by a computing device information.As defined in this article, it calculates Machine readable medium does not include temporary computer readable media (transitory media), such as the data-signal and carrier wave of modulation.
It should also be noted that, the terms "include", "comprise" or its any other variant are intended to nonexcludability It include so that the process, method, commodity or the equipment that include a series of elements not only include those elements, but also to wrap Include other elements that are not explicitly listed, or further include for this process, method, commodity or equipment intrinsic want Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including described want There is also other identical elements in the process, method of element, commodity or equipment.
The application can describe in the general context of computer-executable instructions executed by a computer, such as program Module.Generally, program module includes routines performing specific tasks or implementing specific abstract data types, programs, objects, group Part, data structure etc..The application can also be practiced in a distributed computing environment, in these distributed computing environments, by Task is executed by the connected remote processing devices of communication network.In a distributed computing environment, program module can be with In the local and remote computer storage media including storage equipment.
All the embodiments in this specification are described in a progressive manner, same and similar portion between each embodiment Dividing may refer to each other, and each embodiment focuses on the differences from other embodiments.Especially for system reality For applying example, since it is substantially similar to the method embodiment, so being described relatively simple, related place is referring to embodiment of the method Part explanation.
The above description is only an example of the present application, is not intended to limit this application.For those skilled in the art For, various changes and changes are possible in this application.All any modifications made within the spirit and principles of the present application are equal Replacement, improvement etc., should be included within the scope of the claims of this application.

Claims (21)

1. a kind of risk control method of identity-based verifying, comprising:
Obtain the authentication information of the first user submission;
The first feature of risk information of first user is determined according to the authentication information;
The information leakage grade of first user is determined according to the first feature of risk information;
Risk control is carried out to the operation of first user according to the information leakage grade.
2. the method as described in claim 1, described to be carried out according to the information leakage grade to the operation of first user Risk control specifically includes:
Judge whether the information leakage grade is lower than the first risk class, obtains the first judging result;
When first judging result indicates that the information leakage grade is greater than or equal to first risk class, institute is acquired The biological information for stating the first user carries out secondary identity authentication.
3. method according to claim 2, the method also includes:
When first judging result indicates that the information leakage grade is lower than first risk class, the information is judged Whether leakage grade is lower than the second risk class, obtains the second judging result, and second risk class is lower than first wind Dangerous grade;
When second judging result indicates that the information leakage grade is greater than or equal to second risk class, institute is obtained State the operation facility information of the first user;
Judge it is described operation facility information it is corresponding operation equipment whether be first user credible equipment, obtain third and sentence Disconnected result;
When the third judging result indicates that the operation equipment is not the credible equipment of first user, to described first User carries out secondary identity authentication.
4. the method as described in claim 1, first wind that first user is determined according to the authentication information Dangerous characteristic information, specifically includes:
The account information of first user is determined according to the authentication information;
Transfer the corresponding historical operation information of the account information;
The first feature of risk information of first user is determined according to the historical operation information.
5. method as claimed in claim 4, first wind that first user is determined according to the historical operation information Dangerous characteristic information, specifically includes:
User the portrait feature of risk, account behaviorist risk feature of first user are determined according to the historical operation information And/or Social behaviors feature of risk.
6. the method as described in claim 1, described to determine that the information of first user is let out according to the feature of risk information Reveal grade, specifically include:
Construct information leakage risk class model;
By the first feature of risk information input to the information leakage risk class model, the letter of first user is exported Breath leakage grade.
7. method as claimed in claim 6, the building information leakage risk class model, specifically includes:
Obtain multiple historical datas;
Screen the black sample in the multiple historical data;
Extract the second feature of risk information of each historical data;
Supervised learning is carried out to the multiple historical data according to the black sample and the second feature of risk information, is generated Information leakage risk class model.
8. the method for claim 7, the black sample in the multiple historical data of screening, specifically includes:
Judge whether the historical data is data of reporting a case to the security authorities, and obtains the 4th judging result;
When the 4th judging result indicates that the historical data is to report a case to the security authorities data, determine that the historical data is black sample.
9. method according to claim 8, the method also includes:
When the 4th judging result indicates that the historical data is not to report a case to the security authorities data, judge whether the historical data meets Preset rules obtain the 5th judging result;
When the 5th judging result indicates that the historical data meets the preset rules, determine that the historical data is black Sample.
10. the method for claim 7, the second feature of risk information for extracting each historical data, specific to wrap It includes:
For each historical data, the second user information of the historical data is determined;
User the portrait feature of risk, account behaviorist risk feature of the second user are determined according to the second user information And/or Social behaviors feature of risk.
11. the method for claim 7, it is described according to the black sample and the second feature of risk information to described Multiple historical datas exercise supervision study, after generating information leakage risk class model, further includes:
Judge whether the information leakage risk class model meets preset standard, obtains the 6th judging result;
When the 6th judging result indicates that the information leakage risk class model does not meet the preset standard, institute is corrected Information leakage risk class model is stated, until the information leakage risk class model meets the preset standard.
12. a kind of risk control device of identity-based verifying, comprising:
Authentication information obtains module, for obtaining the authentication information of the first user submission;
First feature of risk information determination module, for determining the first wind of first user according to the authentication information Dangerous characteristic information;
Information leakage level determination module, for determining that the information of first user is let out according to the first feature of risk information Reveal grade;
Risk control module, for carrying out risk control to the operation of first user according to the information leakage grade.
13. device as claimed in claim 12, the risk control module, specifically include:
First result judging submodule obtains first for judging whether the information leakage grade is lower than the first risk class Judging result;
First authentication submodule, for indicating that the information leakage grade is greater than or equal to institute when first judging result When stating the first risk class, the biological information for acquiring first user carries out secondary identity authentication.
14. device as claimed in claim 13, the risk control module, further includes:
Second result judging submodule, for indicating that the information leakage grade is lower than described first when first judging result When risk class, judge whether the information leakage grade is lower than the second risk class, obtains the second judging result, described second Risk class is lower than first risk class;
Apparatus information acquiring submodule is operated, for when second judging result expression information leakage grade is higher than or waits When second risk class, the operation facility information of first user is obtained;
Third result judging submodule, for judging whether the corresponding operation equipment of the operation facility information is first use The credible equipment at family obtains third judging result;
Second authentication submodule, when the third judging result indicate it is described operation equipment be not first user can When believing equipment, secondary identity authentication is carried out to first user.
15. device as claimed in claim 12, the first feature of risk information determination module, specifically include:
Account information determines submodule, for determining the account information of first user according to the authentication information;
Historical operation information transfers submodule, for transferring the corresponding historical operation information of the account information;
First feature of risk information determines submodule, for determining the first of first user according to the historical operation information Feature of risk information.
16. device as claimed in claim 12, the information leakage level determination module, specifically include:
Information leakage risk class model construction submodule, for constructing information leakage risk class model;
Information leakage grade output sub-module is used for described first feature of risk information input to the information leakage risk etc. Grade model, exports the information leakage grade of first user.
17. device as claimed in claim 16, the information leakage risk class model construction submodule, specifically include:
Multiple historical data acquiring units, for obtaining multiple historical datas;
Black screening sample unit, for screening the black sample in the multiple historical data;
Second feature of risk information extraction unit, for extracting the second feature of risk information of each historical data;
Information leakage risk class model generation unit is used for according to the black sample and the second feature of risk information to institute It states multiple historical datas and carries out supervised learning, generate information leakage risk class model.
18. device as claimed in claim 17, the black screening sample unit, specifically include:
4th result judgment sub-unit obtains the 4th judging result for judging whether the historical data is data of reporting a case to the security authorities;
First black sample determines subelement, for when the 4th judging result indicates that the historical data is to report a case to the security authorities data, Determine that the historical data is black sample.
19. device as claimed in claim 18, the black screening sample unit, further includes:
5th result judgment sub-unit, for when the 4th judging result indicates that the historical data is not to report a case to the security authorities data, Judge whether the historical data meets preset rules, obtains the 5th judging result;
Second black sample determines subelement, for indicating that the historical data meets the default rule when the 5th judging result When then, determine that the historical data is black sample.
20. device as claimed in claim 17, the second feature of risk information extraction unit, specifically include:
Second user information determines subelement, for being directed to each historical data, determines the second user letter of the historical data Breath;
Second feature of risk information determines subelement, for determining the user of the second user according to the second user information Portrait feature of risk, account behaviorist risk feature and/or Social behaviors feature of risk.
21. a kind of risk control equipment of identity-based verifying, comprising:
At least one processor;And
The memory being connect at least one described processor communication;Wherein,
The memory is stored with the instruction that can be executed by least one described processor, and described instruction is by described at least one Manage device execute so that at least one described processor can:
Obtain the authentication information of the first user submission;
The first feature of risk information of first user is determined according to the authentication information;
The information leakage grade of first user is determined according to the first feature of risk information;
Risk control is carried out to the operation of first user according to the information leakage grade.
CN201910448996.5A 2019-05-28 2019-05-28 Risk control method, device and equipment based on identity verification Active CN110276178B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201910448996.5A CN110276178B (en) 2019-05-28 2019-05-28 Risk control method, device and equipment based on identity verification
CN202310524140.8A CN116578955A (en) 2019-05-28 2019-05-28 Risk control method, device and equipment based on identity verification

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910448996.5A CN110276178B (en) 2019-05-28 2019-05-28 Risk control method, device and equipment based on identity verification

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN202310524140.8A Division CN116578955A (en) 2019-05-28 2019-05-28 Risk control method, device and equipment based on identity verification

Publications (2)

Publication Number Publication Date
CN110276178A true CN110276178A (en) 2019-09-24
CN110276178B CN110276178B (en) 2023-04-28

Family

ID=67959106

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201910448996.5A Active CN110276178B (en) 2019-05-28 2019-05-28 Risk control method, device and equipment based on identity verification
CN202310524140.8A Pending CN116578955A (en) 2019-05-28 2019-05-28 Risk control method, device and equipment based on identity verification

Family Applications After (1)

Application Number Title Priority Date Filing Date
CN202310524140.8A Pending CN116578955A (en) 2019-05-28 2019-05-28 Risk control method, device and equipment based on identity verification

Country Status (1)

Country Link
CN (2) CN110276178B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110647738A (en) * 2019-09-29 2020-01-03 武汉极意网络科技有限公司 Service wind control adaptation method, device, equipment and storage medium
CN110659466A (en) * 2019-09-26 2020-01-07 支付宝(杭州)信息技术有限公司 Method and device for processing encryption behavior
CN111027980A (en) * 2019-12-12 2020-04-17 支付宝(杭州)信息技术有限公司 Method and device for verifying use of limit
CN113111340A (en) * 2021-04-10 2021-07-13 支付宝(杭州)信息技术有限公司 Method, device, equipment and readable medium for displaying login mode options

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117688616B (en) * 2024-02-04 2024-05-28 广东省计算技术应用研究所 Information security processing method, device, equipment and storage medium based on big data

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100070405A1 (en) * 2008-09-17 2010-03-18 Bank Of America Wireless number risk scores for use with mobile payments
CN106295349A (en) * 2015-05-29 2017-01-04 阿里巴巴集团控股有限公司 Risk Identification Method, identification device and the anti-Ore-controlling Role that account is stolen
CN106296187A (en) * 2015-06-03 2017-01-04 深圳卡通新技术有限公司 A kind of electronic payment safety control method and system
WO2017071147A1 (en) * 2015-10-30 2017-05-04 宇龙计算机通信科技(深圳)有限公司 Mobile payment monitoring method and system, and intelligent terminal
CN109064175A (en) * 2018-06-11 2018-12-21 阿里巴巴集团控股有限公司 A kind of account takeover risk prevention system method and device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100070405A1 (en) * 2008-09-17 2010-03-18 Bank Of America Wireless number risk scores for use with mobile payments
CN106295349A (en) * 2015-05-29 2017-01-04 阿里巴巴集团控股有限公司 Risk Identification Method, identification device and the anti-Ore-controlling Role that account is stolen
CN106296187A (en) * 2015-06-03 2017-01-04 深圳卡通新技术有限公司 A kind of electronic payment safety control method and system
WO2017071147A1 (en) * 2015-10-30 2017-05-04 宇龙计算机通信科技(深圳)有限公司 Mobile payment monitoring method and system, and intelligent terminal
CN109064175A (en) * 2018-06-11 2018-12-21 阿里巴巴集团控股有限公司 A kind of account takeover risk prevention system method and device

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110659466A (en) * 2019-09-26 2020-01-07 支付宝(杭州)信息技术有限公司 Method and device for processing encryption behavior
CN110647738A (en) * 2019-09-29 2020-01-03 武汉极意网络科技有限公司 Service wind control adaptation method, device, equipment and storage medium
CN110647738B (en) * 2019-09-29 2021-09-03 武汉极意网络科技有限公司 Service wind control adaptation method, device, equipment and storage medium
CN111027980A (en) * 2019-12-12 2020-04-17 支付宝(杭州)信息技术有限公司 Method and device for verifying use of limit
CN111027980B (en) * 2019-12-12 2022-08-12 支付宝(杭州)信息技术有限公司 Method and device for verifying use of limit
CN113111340A (en) * 2021-04-10 2021-07-13 支付宝(杭州)信息技术有限公司 Method, device, equipment and readable medium for displaying login mode options

Also Published As

Publication number Publication date
CN116578955A (en) 2023-08-11
CN110276178B (en) 2023-04-28

Similar Documents

Publication Publication Date Title
CN110276178A (en) A kind of risk control method, device and the equipment of identity-based verifying
Fourcade et al. Learning like a state: Statecraft in the digital age
CN109064175A (en) A kind of account takeover risk prevention system method and device
CN109087106A (en) Identify air control model training, air control method, apparatus and the equipment of secondary account takeover of distributing telephone numbers
Tiong et al. E-cheating prevention measures: detection of cheating at online examinations using deep learning approach--a case study
CN112863683B (en) Medical record quality control method and device based on artificial intelligence, computer equipment and storage medium
CN110263157B (en) Data risk prediction method, device and equipment
CN110706090A (en) Credit fraud identification method and device, electronic equipment and storage medium
CN109376999A (en) A kind of management-control method of transaction, device and equipment
CN106462706A (en) A method and apparatus for providing client-side score-based authentication
CN107679457A (en) User identity method of calibration and device
CN106209821A (en) The big data management system of information security based on credible cloud computing
CN111143665A (en) Fraud qualitative method, device and equipment
CN110163241A (en) Data sample generation method, device, computer equipment and storage medium
Tariq et al. Am I a real or fake celebrity? Evaluating face recognition and verification APIs under deepfake impersonation attack
Ojugo et al. Forging a user-trust hybrid memetic modular neural network card fraud detection ensemble: A Pilot study
CN114004639B (en) Method, device, computer equipment and storage medium for recommending preferential information
Fourcade et al. The ordinal society
CN113961704B (en) Text-based risk prevention and control processing method, device and equipment
Afah et al. Smartphones verification and identification by the use of fingerprint
CN110222187A (en) Protect joint activity detection and the data sharing method of privacy of user
Putera et al. Artificial Intelligence in the Tourism Industry: A privacy impasse
Siraj et al. Framework of a mobile bank using artificial intelligence techniques
Yuan et al. Cross‐device tracking through identification of user typing behaviours
CN112836612A (en) Method, device and system for user real-name authentication

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20201009

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Applicant after: Innovative advanced technology Co.,Ltd.

Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Applicant before: Advanced innovation technology Co.,Ltd.

Effective date of registration: 20201009

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Applicant after: Advanced innovation technology Co.,Ltd.

Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands

Applicant before: Alibaba Group Holding Ltd.

GR01 Patent grant
GR01 Patent grant